DSA-1977 python2.4 python2.5 -- several vulnerabilitiesID: oval:org.mitre.oval:def:7152 | Date: (C)2010-05-24 (M)2024-04-17 |
Class: PATCH | Family: unix |
Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that the embedded Expat copy in the interpreter for the Python language, does not properly process malformed or crafted XML files. This vulnerability could allow an attacker to cause a denial of service while parsing a malformed XML file. In addition, this update fixes an integer overflow in the hashlib module in python2.5. This vulnerability could allow an attacker to defeat cryptographic digests. It only affects the oldstable distribution .
Platform: |
Debian 5.0 |
Debian 4.0 |
Product: |
python2.4 |
python2.5 |